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Description 

[0001 ] The present invention relates to encryption/de- 
cryption methods and equipment adapted for physical 
characteristic information such as fingerprints, voice- 
prints, palm patterns, facial appearances, or signatures 
or signatures representing a characteristic inherent to an 
individual, and to remote identification systems for iden- 
tifying a person through a network according to the phys- 
ical characteristic information. 

[0002] The fingerprints, voiceprint, iris patterns or the 
like are characteristics inherent to an individual and are 
invariable for the life of the individual so that they are 
excellent as information for identifying a person and are 
utilized in various identification systems such as an ad- 
mission controlling system. 

[0003] As an information-related device such as a per- 
sonal computer spreads, on the other hand, a variety of 
information are vigorously sent and received through a 
network between end users to enhance the importance 
of commerce through the network and transmissions of 
documents. 

[0004] In order to perform the commerce and the ex- 
changes of important documents properly through the 
network, there has been needed a technique for sending 
and receiving information to prove each other through 
the network and for identifying the persons reliably be- 
tween each other. So the physical characteristic informa- 
tion has been noted as the information for identifying the 
persons. 

[0005] Fig. 1 of the accompanying drawings is a dia- 
gram showing a construction of a remote identification 
system of the prior art through a network. 
[0006] The remote identification system shown in Fig. 
1 is constructed such that a client-side identification 
equipment 41 0 sends authenticating information through 
the network, and such that a server-side identification 
equipment 420 identifies the person of the client-side 
identification equipment 410, according to the result of 
comparison between the received authenticating infor- 
mation and the registered authenticating information. 
[0007] When a personal computer communication 
service is utilized, for example, the end user's personal 
computer is the client-side identification equipment, and 
the host computer of a service provider is the server-side 
identification equipment. 

[0008] In this case, according to a user's ID and a pass- 
word inputted through a keyboard 41 1 , the authenticating 
information is generated by a request controlling part 41 2 
and is sent to the network by a transmission controlling 
part 413. 

[0009] At this time, the aforementioned password is 
encrypted by an encrypting part 41 4, and this encrypted 
password is used in the request controlling part 412 to 
generate the authenticating information so that the pass- 
word can be safely transferredthrough the network to the 
server-side identification equipment 420. 
[0010] In the server-side identification equipment 420 



shown in Fig. 1 , the aforementioned encrypted password 
is received by a transmission controlling part 422 and 
transferred to a decrypting part 421 . Accordingly, the de- 
crypting part 421 decrypts the encrypted password and 
5 transfers the password to an identification controlling part 
423. 

[001 1] On the other hand, the aforementioned user' s 
ID is received by the transmission controlling part 422 
and then transferred to the identification controlling part 

10 423. According to this user's ID, the identification con- 
trolling part 423 retrieves the registered password from 
a password data base 424, and compares this password 
with the password restored by the decrypting part 421 . 
[0012] In this case, if the restored password and the 

15 registered password match each other, the identification 
result having confirmed the identity is informed to the 
client-side identification equipment 41 0 by the transmis- 
sion controlling part 422. Accordingly, the request con- 
trolling part41 2 generates a message indicating the iden- 

20 tification result and informs the person of the fact that the 
permission was acknowledged, by a display (CRT) 415. 
[0013] As shown in Fig. 1 , on the other hand, the en- 
crypting part 41 4 may encrypt the password by using the 
current time on the system, as received from the digital 

25 timing unit 416, and the decrypting part 421 may decrypt 
the encrypted password by using the current time on the 
system, as received from a digital timing unit 425. 
[0014] In this case, the password inputted by the per- 
son can be converted into a different cryptogram each 

30 time so that it can be safely sent and received through 
the network. 

[001 5] I n this remote identification system, the inputted 
password is the information for identifying the person so 
that the password has to be properly managed by each 
35 person so as to identify the person reliably to exclude 
others. 

[0016] On the other hand, the physical characteristic 
information is inherent to an individual and is excellent 
as one for the identification so that it is utilized as the 

40 authenticating information for the persons in the admis- 
sion controlling system, for example. 
[0017] Fig. 2 is a diagram showing an example of the 
construction of the identification system utilizing the 
physical characteristic information. 

45 [0018] Fig. 2 shows the case in which the information 
representing a feature of a fingerprint is used as the phys- 
ical characteristic information. This identification system 
is constructed to include a fingerprint reader 430 and 
fingerprint identification equipment 440. 

50 [0019] In this identification system, the fingerprint 
reader 430 acquires the information featuring the finger- 
print of a person being present at the site as a series of 
numeric data and inputs the aforementioned information 
to the fingerprint identification equipment 440 through an 

55 identification controlling part 401 . 

[0020] A set of numeric data representing the feature 
of a fingerprint will be referred to as the "fingerprint data". 
[0021] In the fingerprint reader 430 shown in Fig. 2, a 



2 



3 



EP 1 063 812 B1 



4 



feature extracting part 431 receives the image data read 
by an image inputting part 432, and extracts the feature 
of the fingerprint appearing in that image. 
[0022] The features, as extracted by the feature ex- 
tracting part 431, are arrayed according to a predeter- 
mined format by a fingerprint data generating part 433, 
and the fingerprint data thus generated are transferred 
to the identification controlling part 401 . 
[0023] In the fingerprint identification equipment 440 
shown in Fig. 2, a fingerprint database 441 is registered 
with the user's ID given to an individual having an admis- 
sion and fingerprint data (hereunder referred to as "ref- 
erence data") obtained by measuring the related individ- 
uals. On the other hand, the user' s ID inputted from a 
keyboard 402 is transferred to a fingerprint data retrieving 
part 442 by the identification controlling part 401 , so that 
the related fingerprint data are retrieved from the afore- 
mentioned fingerprint database 41 1 by the fingerprint da- 
ta retrieving part 442 based on that user's ID and sub- 
jected to the processing of a verifying part 444. 
[0024] Here, the numeric data obtained by measuring 
the physical characteristic information including finger- 
prints generally fluctuate at each measurement by the 
condition for the measurement. 

[0025] By the pressure to be applied to a finger when 
the finger is pushed to the image inputting part 432, the 
temperature of the finger or the ambient humidity, for 
example, the image data to be read change in a subtle 
way. Accordingly, the patterns of ridge flows in an image 
of the fingerprint and the distributions of the ridge points 
or the ridge bifurcations fluctuate. 
[0026] According to the recognition rate required, 
therefore, the verifying part 444 decides whether or not 
the inputted fingerprint data belong to the eligible person, 
depending upon whether or not components in a prede- 
termined area of the inputted fingerprint data are equiv- 
alent to the components in the corresponding area of the 
reference data. 

[0027] Fig. 3 is a diagram for explaining a processing 
for comparing the physical characteristic information. 
[0028] For an application to allow a misidentification 
of about one to one hundred, for example, the verifying 
part 444 may compare a limited portion of the inputted 
fingerprint data with the reference data, as illustrated as 
a observing area in Fig. 3A, and may inform the identifi- 
cation controlling part 401 whether or not the variance of 
all the components contained in the observing area is 
within a predetermined allowable range. 
[0029] If the variance between the individual compo- 
nents of the reference data and the individual compo- 
nents of the inputted fingerprint data is within the allow- 
able range in the hatched area of Fig. 3A, for example, 
the verifying part 444 informs the identification controlling 
part 401 of the fact that the inputted fingerprint data and 
the reference data are equivalent. 
[0030] In response to this, the identification controlling 
part 401 may identify the person, have a displaying part 
403 display that the person is admitted, and perform the 



necessary controls such as unlocking the door by utilizing 
the function of the admission controlling part 404. 
[0031] If the variance of a portion of the component 
included in the aforementioned observing area exceeds 

5 the allowable range, as illustrated in Fig. 3B, the verifying 
part 444 may inform that the reference data and the in- 
putted fingerprint data are not equivalent. In response to 
this, the identification controlling part 401 may perform 
the controls necessary for denying the admission of the 

10 person. 

[0032] Here, if the fingerprint data are recognized by 
using the relatively narrow area as the observing area, 
as illustrated in Fig. 3A, a misidentification of about one 
to one hundred may occur, butthe possibility of excluding 
15 the person can be lowered even if the condition for meas- 
uring the fingerprint data is poor. 

[0033] For an application requiring a misidentification 
of about one to ten thousands, on the other hand, most 
of the fingerprint data has to be confined in the observing 
area, as illustrated in Fig. 3C. 

[0034] In this case, the possibility of the misidentifica- 
tion can be lowered, but the possibility that even the per- 
son able to be admitted may be denied because of having 
slight dirtiness of the fingertip will rise. This is because 
the wider the observing area the larger the possibility that 
the variance between the individual components of the 
inputted fingerprint data and the individual components 
of the reference data may exceed the allowable range. 
[0035] As the technique for transmitting the informa- 
tion safely through the network, there was already prac- 
ticed the RSA algorithm for realizing the public key sys- 
tem or the DES (Data Encryption Standard) method ap- 
plying the common key system. 

[0036] The DES method is a cryptographic method for 
dividing the information to be encrypted into blocks of a 
unit of 64 bits and for converting the individual blocks by 
combining a substitution cipher and a transposition ci- 
pher complicatedly. The DES method is called the "block 
encryption" because the conversion unit is the block. 
[0037] In the aforementioned remote identification sys- 
tem of the prior art, the password or the information for 
providing the identity is basically left to the management 
of an individual . 

[0038] In order to blockthe plagiarism of the password, 
on the other hand, it is required that the password has a 
sufficient length, be a meaningless string of characters 
and be frequently changed. This makes it difficult for the 
individual to manage the password properly. 
[0039] This is because aperson finds itdifficultto mem- 
orize the meaningless string of characters or symbols, 
and because the necessity of frequent change is too 
heavy a burden for the person. 

[0040] As a matter of fact, most users register such 
passwords as can be easily analogized from the personal 
information being opened to the public or the kind of in- 
formation to be preferably accessed to, record and carry 
the memorandum of the password or forget to change 
the password for a long time. 
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[0041] In the remote identification system using only 
the password as the information for identifying the per- 
son, therefore, it is difficult to ensure the safety necessary 
for the e-commerce or for sending and receiving the im- 
portant information. 

[0042] By introducing the remote identification system 
using the physical characteristic information inplace of 
the password as the information for the identification, it 
is possible to block fraudulent access. So important in- 
formation can be sent and received safely through the 
network. 

[0043] Fig. 4 shows an example of the construction of 
the remote identification system utilizing the physical 
characteristic information. 

[0044] In the client-side identification equipment 410 
shown in Fig. 4, the fingerprint data obtained by the fin- 
gerprint reader 430 are encrypted by the encrypting part 
41 4, and the obtained cryptogram is sent in place of the 
password to the network by the transmission controlling 
part 41 3. 

[0045] This cryptogram is received by the transmission 
controlling part 422 provided in the server-side identifi- 
cation equipment 420 and is then transferred to the de- 
crypting part 421 by the identification controlling part401 . 
In response to this, the decrypting part 421 decrypts the 
aforementioned cryptogram to restore the original finger- 
print data, which are transferred together with the user's 
ID to the fingerprint identification equipment 440. 
[0046] Premising that the physical characteristic infor- 
mation contains fluctuations and noises, when exactly 
the same physical characteristic information as the pre- 
viously inputted one is inputted, that physical character- 
istic information is judged to have been plagiarized. Then, 
the attack using the plagiarized authenticating informa- 
tion can be blocked, making it possible to send and re- 
ceive the information more safely. 
[0047] The attack to break the protection of the remote 
identification system by using the plagiarized authenti- 
cating information will be referred to as "replay attack". 
[0048] Here will be described an example of the remote 
identification system considering that replay attack. 
[0049] In the remote identification system shown in Fig. 
4, the replay attack is partially blocked by storing the fin- 
gerprint database 441 with not only the reference data 
related to each user's ID but also the registered finger- 
print data that is previously inputted, by comparing the 
inputted fingerprint data with the reference data and the 
registered fingerprint data by a comparing part 445 pro- 
vided in a verifying part 444, and by subjecting the result 
of comparison to the processings of a fraud detecting 
part 446 and of a recognizing deciding part 447. 
[0050] Here, according to the comparison result re- 
ceived from the comparing part 445, the fraud detecting 
part 446 shown in Fig. 4 decides whether or not all the 
numericdata comprising the inputted fingerprint data and 
the corresponding numeric data of the reference data or 
the registered fingerprint data completely match, and in- 
forms, if they match, the recognizing deciding part 447 



of the detection of the replay attack. 
[0051] According to the comparison result received 
from the comparing part 445, on the other hand, the rec- 
ognizing deciding part 447 decides whether or not the 
5 variance between the individual components of the in- 
putted fingerprint data and the individual components of 
the reference data is within a predetermined allowable 
range, and further whether or not the inputted fingerprint 
data belong to the eligible person, according to the de- 
10 cision result and the detection result of the fraud detecting 
part 446, and informs this result of decision as the result 
of recognition to the identification controlling part 401 . 
[0052] In this case, it is conditions necessary for iden- 
tifying a person that the inputted fingerprint data are 
15 equivalent to the reference data over the area covering 
the observing area, as illustrated in Fig. 4, and that all 
the numeric data comprising the inputted fingerprint data 
are not completely equal to the corresponding numeric 
data contained in the reference data or the registered 
20 fingerprint data. 

[0053] Here, the cryptographic technique of the prior 
art, as represented by the aforementioned DES method, 
regards the difficulty at the time of restoring the original 
information from the cryptogram as important, and con- 
25 verts the original information by a complicated crypto- 
graphic algorithm. This makes it seriously difficult to de- 
crypt the encrypted physical characteristic information to 
obtain the original physical characteristic information. 
[0054] Since the physical characteristic information it- 
30 self is inherent to each person, on the other hand, the 
information is extremely difficult to plagiarize or forge so 
long as it is properly managed. 

[0055] Since the process for the encrypted physical 
characteristic information to be transmitted through the 
35 network has almost no protection, however, it is relatively 
easy to acquire that information fraudulently. 
[0056] When the encrypted physical characteristic in- 
formation fraudulently acquired by the wiretapping meth- 
od or the like is utilized as it is, it can naturally be excluded 
40 as the replay attack, as has been described above. 
[0057] When the fraudulently acquired encrypted 
physical characteristic information is partially altered, 
however, the decrypted physical characteristic informa- 
tion may satisfy the conditions necessary for identifica- 
45 tion described above by the influence of the alteration 
upon the decrypted physical characteristic information. 
[0058] Because the fingerprint data having been en- 
crypted by the aforementionedencrypting part 414 using 
the blockencrypting method such as the DES method are 
50 decrypted for each block as in the encryption by the de- 
crypting part 421 so that the influence of the alteration of 
the encrypted physical characteristic information is ex- 
erted only locally on the portion which is obtained by de- 
crypting the altered portion, but not on the other portion. 
55 [0059] As illustrated in Fig. 5, therefore, pseudo fluc- 
tuations can be synthesized in the decrypted fingerprint 
data by fraudulently acquiring the encrypted fingerprint 
data in the network and by altering a portion (as hatched 
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in Fig. 5) of the encrypted fingerprint data to input as new 
authenticating information. 

[0060] When a portion of the encrypted fingerprintdata 
derived from the portion other than the observing area is 
altered, as illustrated in Fig. 5, the fingerprint data ob- 
tained by the decrypting part 421 are different at the de- 
cryption result of the altered portion from the correspond- 
ing portion of the original fingerprint data but are com- 
pletely equivalent in the observing area to the original 
fingerprint data. 

[0061] In other words, the decryption result obtained 
from the altered encrypted fingerprint data is equivalent 
over the observing area to the reference data but does 
not completely match either the reference data or the 
registered fingerprint data. 

[0062] In this case, the variance, caused in the decryp- 
tion result by altering the encrypted fingerprint data, from 
the original fingerprintdata is regarded as the fluctuations 
of the fingerprint data by the recognizing deciding part 
447, and the fraudulent attack using the altered encrypt- 
ed fingerprint data may be allowed. 
[0063] Therefore, any simple application of the cryp- 
tographic technique of the prior art could not enable the 
system for the identifying by sending and receiving the 
physical characteristic information through the network, 
to improve the security, which is expected by utilizing the 
physical characteristic information. 
[0064] It is desirable to provide an elementary tech- 
nique capable of restoring original physical characteristic 
information so as to block attacks against the security 
system by re-utilizing encrypted information. 
[0065] It is desirable to provide an identification system 
utilizing the authenticating information generated accord- 
ing to the physical characteristic information. 
[0066] According to one aspect of the present inven- 
tion there is provided a cryptographic method comprising 
the steps of: receiving physical characteristic information 
representing a characteristic inherent to an individual; 
randomly determining a numeric key; generating a cryp- 
tographic key from said numeric key and a predetermined 
primary key; encrypting said physical characteristic in- 
formation using said cryptographic key and; generating 
an auxiliary code for decrypting said cryptographic key, 
from the encrypted physical characteristic information 
and said numeric key. 

[0067] In this cryptographic method, the auxiliary code 
depends upon the encrypted physical characteristic in- 
formation. Therefore, the cryptographic key to be re- 
stored according to the auxiliary code necessarily de- 
pends upon the physical characteristic information. So 
by forming cryptogram from the encrypted physical char- 
acteristic information and the auxiliary code, the crypto- 
graphic key to be utilized for decrypting the encrypted 
physical characteristic information depends upon the en- 
tire cryptogram. 

[0068] According to another aspect of the present in- 
vention there is provided adecryption method comprising 
the steps of: receiving an encrypted physical character- 



istic information and an auxiliary code; restoring a nu- 
meric key from said received data; restoring cryptograph- 
ic key from said numeric key and a predetermined pri- 
mary key; and decrypting said encrypted physical char- 
5 acteristic information by using said cryptographic key and 
obtaining physical characteristic information, using the 
cryptographic key. 

[0069] In this decryption method, the original physical 
characteristic information can be restored by decrypting 
10 the encrypted physical characteristic information ob- 
tained by the aforementioned cryptographic method, us- 
ing the cryptographic key assumed to be used in encrypt- 
ing physical characteristic information. 
[0070] The invention also provides computer pro- 
grams as described above in any of the storage medium 
aspects of the invention. 

[0071] Preferred features of the present invention will 
now be described, purely by way of example, with refer- 
ence to the accompanying drawings, in which:- 

Fig. 1 is a diagram showing an example of the con- 
struction of a remote identification system of the prior 
art; 

Fig. 2 is a diagram showing an example of the con- 
struction of the identification system of the prior art, 
utilizing the physical characteristic information; 
Fig. 3 is a diagram for explaining the comparing 
processing on physical characteristics; 
Fig. 4 is a diagram showing an example of the con- 
struction of the remote identification system utilizing 
the physical characteristic information; and 
Fig. 5 is a diagram for explaining effects from alter- 
ations of the physical characteristic information. 
Fig. 6 is a diagram illustrating the principles of acryp- 
tographic method and a decrypting method accord- 
ing to one of the preferred embodiments of the in- 
vention; 

Fig. 7 is a block diagram illustrating the principles of 
a cryptographic equipment anda decrypting equip- 
ment according to one of the preferred embodiments 
of the invention; 

Fig. 8 is a diagram showing an embodiment of the 
invention; 

Fig. 9 is a flow chart showing the operations of the 
embodiment of Fig. 8; 

Fig. 1 0 is a diagram for explaining the operations of 
the embodiment of Fig. 8; 

[0072] First of all, here will be described the principles 
of a cryptographic method and a decrypting method, a 
cryptographic equipment and a decrypting equipment, 
and an identification system according to a preferred em- 
bodiment of the invention. Fig. 6A is a diagramillustrating 
the principle of a cryptographic method according to one 
of the preferred embodiments of the invention. 
[0073] The cryptographic method, as shown in Fig. 6A, 
is constructed to include: a step (S1 1) of inputting phys- 
ical characteristic information; a step (S12) of determin- 
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ing a numeric key; a step (S13) of generating a crypto- 
graphic key; an encryption step (S14) ; and a step (S15) 
of generating an auxiliary code. 

[0074] The principle of the cryptographic method ac- 
cording to one of the preferred embodiments of the in- 
vention will be described in the following. 
[0075] In the inputting step (S1 1 ), the physical charac- 
teristic information representing a characteristic inherent 
to an individual is received. In the numeric key determin- 
ing step (S12), a numeric key is determined randomly. 
In the cryptographic key generating step (S1 3), the cryp- 
tographic key is generated from the numeric key and a 
predetermined primary key. In the encryption step (S1 4), 
the physical characteristic information is encrypted by 
using the cryptographic key. In the code generating step 
(S1 5), an auxiliary code is generated from the encrypted 
physical characteristic information and the numeric key. 
[0076] The operations of the cryptographic method will 
be described in the following. 

[0077] At each encryption, according to the numeric 
key determined at the numeric key determining step 
(S12), the cryptographic key is generated at the crypto- 
graphic key generating step (S1 3), and the physical char- 
acteristic information inputted at the inputting step (S1 1) 
is encrypted at the encryption step (S14) by using that 
cryptographic key. According to the encrypted physical 
characteristic information thus obtained and the afore- 
mentioned numeric key, on the other hand, the auxiliary 
code is generated at the code generating step (S15). 
[0078] Thus, a depending relationship is established 
between the auxiliary code and the encrypted physical 
characteristic information. 

[0079] By providing the encrypted physical character- 
istic information and the auxiliary code for the decryption 
and by restoring the cryptographic key in the decryption 
according to the aforementioned auxiliary code, there- 
fore, the decryption of the encrypted physical character- 
istic information is carried out by the cryptographic key 
depending up on the encrypted physical characteristic 
information. 

[0080] Fig. 6B is a diagram illustrating the principle of 
the decrypting method according to one of the preferred 
embodiments of the invention. 

[0081] The decrypting method, as shown in Fig. 6B, 
include a receiving step (S21), a numeric key restoring 
step (S22), a cryptographic key restoring step (S23) and 
a decrypting step (S24). 

[0082] The principle of the decrypting method accord- 
ing to one of the preferred embodiments of the invention 
will be described in the following. 
[0083] In the receiving step (S21 ), an encrypted phys- 
ical characteristic information and an auxiliary code are 
received as a cryptogram. In the numeric key restoring 
step (S22), a numeric key is restored from the encrypted 
physical characteristic information and the auxiliary 
code. Next, in the cryptographic key restoring step (S23), 
a cryptographic key is restored from the numeric key and 
a predetermined primary key. In the decrypting step 



(S24), the encrypted physical characteristic information 
is decrypted by using the cryptographic key and physical 
characteristic information is restored. 
[0084] The operations of the decrypting method will be 

5 described in the following. 

[0085] When the receiving step (S21 ) receives the en- 
crypted physical characteristic information and the aux- 
iliary code, the numeric key is restored at the numeric 
key restoring step (S22), and the cryptographic key is 

10 restored at the cryptographic key restoring step (S23) 
according to the numeric key and the primary key. It de- 
pends upon the propriety of the encrypted physical char- 
acteristic information whether or not the cryptographic 
key thus obtained is correct. Only when the proper en- 

15 crypted physical characteristic information arrives, there- 
fore, the original physical characteristic information can 
be restored at the restoring step (S24). 
[0086] Fig. 7A is a blockdiagram showing the principle 
of a cryptographic equipment according to one of the 

20 preferred embodiments of the invention. 

[0087] The cryptographic equipment, as shown in Fig. 
7A, is constructed to include physical characteristic in- 
putting section 111, numeric key determining section 
1 12, keygenerating section 1 13, encrypting section 1 14, 

25 generating section 115 and combining section 116. 

[0088] The principle of the cryptographic equipment 
according to one of the preferred embodiments of the 
invention will be described in the following. 
[0089] The physical characteristic inputting section 

30 111 inputs physical characteristic information represent- 
ing a characteristic inherentto an individual. The numeric 
key determining section 112 determines a numeric key 
randomly. The key generating section 1 13 generates a 
cryptographic key from the numeric key and a predeter- 

35 mined primary key. The encrypting section 1 14 encrypts 
the inputted physical characteristic information by using 
the cryptographic key. The code generating section 115 
generates an auxiliary code from the encrypted physical 
characteristic information and the numeric key. 

40 [0090] The operations of the cryptographic equipment 
thus constructed will be described in the following. 
[0091] At each encryption, the numeric key is gener- 
ated by the numeric key determining section 112, and 
this numeric key is used to generate the cryptographic 

45 key by the keygenerating section 1 13. When the encrypt- 
ing section 1 1 4 performs the encryption by using the cryp- 
tographic key, therefore, the physical characteristic in- 
formation inputted by the inputting section 111, is en- 
crypted by using a onetime cryptographic key. According 

50 to the encrypted physical characteristic information thus 
obtained and the aforementioned numeric key, on the 
other hand, the auxiliary code is generated by the code 
generating section 115. 

[0092] Thus, the auxiliary code is generated according 
55 to the encrypted physical characteristic information so 
that a depending relationship is established between the 
auxiliary code and the encrypted physical characteristic 
information. 
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[0093] So, a cryptogram generated from the encrypted 
physical characteristic information and auxiliary code is 
subjected to decrypting processing, the cryptographic 
key in the decryption is restored according to the afore- 
mentioned auxiliary code. Therefore, the decryption of 
the encrypted physical characteristic information is per- 
formed by the cryptographic key depending upon the en- 
crypted physical characteristic information. 
[0094] Fig. 7B is a block diagram illustrating the prin- 
ciple of a decrypting equipment according to one of the 
preferred embodiments of the invention. 
[0095] The decrypting equipment, as shown in Fig. 7B, 
is constructed to include receiving section 1 17, numeric 
key restoring section 118, the key generating section 1 1 3 
and decrypting section 1 19. 

[0096] The principle of the decrypting equipment ac- 
cording to one of the preferred embodiments of the in- 
vention will be described in the following. 
[0097] The receiving section 1 1 7 receives the encrypt- 
ed physical characteristic information and an auxiliary 
code. The numeric key restoring section 1 1 8 restores a 
numerickey from the encrypted physical characteristic 
information and the auxiliary code. The key generating 
section 1 13 generates a cryptographic key from the nu- 
meric key and a predetermined primary key. The decrypt- 
ing section 1 1 9 decrypts the encrypted physical charac- 
teristic information by using the cryptographic key. 
[0098] The operations of the decrypting equipment 
thus constructed will be described in the following. 
[0099] According to the encrypted physical character- 
istic information and the auxiliary code received through 
the receiving section 1 1 7, the numeric key is restored by 
the numeric key restoring section 118, and the crypto- 
graphic key is generated by the key generating section 
1 13 according to the restored numeric key. 
[0100] It depends upon the propriety of the encrypted 
physical characteristic information whether or not the 
cryptographic key thus obtained is correct. Only when 
the proper encrypted physical characteristic information 
arrives, therefore, the original physical characteristic in- 
formation can be restored by the decrypting section 1 1 9. 
[0101] On the other hand, a encryption program ac- 
cording to one of the preferred embodiments of the in- 
vention is constructed to include an inputting procedure, 
a numeric key determining procedure, a cryptographic 
key generating procedure, an encrypting procedure and 
a code generating procedure. 

[01 02] The principle of the encryption program accord- 
ing to one of the preferred embodiments of the invention 
will be described in the following. 
[0103] In the inputting procedure, physical character- 
istic information representing a characteristic inherent to 
an individual is inputted. In the numeric key determining 
procedure, a numeric key is randomly determined. In the 
key generating procedure, a cryptographic key is gener- 
ated from the numeric key and a predetermined primary 
key. In the encrypting procedure, the inputted physical 
characteristic information is encrypted by using the cryp- 



tographic key. In the code generating procedure, an aux- 
iliary code is generated according to the encrypted phys- 
ical characteristic information and the numeric key. 
[01 04] The operations of the encryption program thus 
5 constructed will be described in the following. 

[0105] The numeric key obtained by the numeric key 
determining procedure is used to generate the onetime 
cryptographic key by the keygenerating procedure, and 
the physical characteristic information inputted in the in- 
fo putting procedure is encrypted in the encrypting proce- 
dure by the aforementioned cryptographic key. In the 
code generating procedure, on the other hand, the aux- 
iliary code is generated according to the encrypted phys- 
ical characteristic information and the aforementioned 
15 numeric key. 

[0106] Thus, a depending relationship is established 
between the auxiliary code and the encrypted physical 
characteristic information. The restoration of the original 
physical characteristic information is assured, so long as 
20 the encrypted physical characteristic information and the 
auxiliary code are subjected as they are to the decrypting 
processing, but is completely impossible according to the 
alteration of the encrypted physical characteristic infor- 
mation or the auxiliary code. 
25 [0107] On the other hand, a decryption program ac- 
cording to one of the preferred embodiments of the in- 
vention is constructed to include a receiving procedure, 
a numeric key restoring procedure, a key generating pro- 
cedure and a decrypting procedure. The principle of the 
30 decryption program according to one of the preferred em- 
bodiments of the invention will be described in the fol- 
lowing. 

[0108] In the receiving procedure, a cryptogram includ- 
ing the encrypted physical characteristic information and 

35 an auxiliary code are received. In the numeric key restor- 
ing procedure, a numeric key for the generation of a cryp- 
tographic key is restored according to the encrypted 
physical characteristic information and the auxiliary 
code. In the key generating procedure, a cryptographic 

40 key is generated according to the numeric key and a pre- 
determined primary key. In the decrypting procedure, the 
encrypted physical characteristic information is decrypt- 
ed by using the cryptographic key. 
[01 09] The operations of the decryption program thus 

45 constructed will be described in the following. 

[01 1 0] According to the encrypted physical character- 
istic information and the auxiliary code received in the 
receiving procedure, the numeric key is restored by the 
numeric key restoring procedure, and the cryptographic 

50 key is generated by the key generating procedure ac- 
cording to the numeric key. 

[0111] By utilizing a depending relationship between 
the encryptedphysical characteristic information and the 
auxiliary code, therefore, the cryptographic key used in 
55 the encryption can be restored and subjected to the de- 
crypting procedure only when both the encrypted phys- 
ical characteristic information and the auxiliary code are 
correct. 



7 



13 



EP 1 063 812 B1 



14 



[0112] An embodiment of the invention will be de- 
scribed in detail with reference to the accompanying 
drawings. 

[01 1 3] Fig. 8 shows an embodiment of the present in- 
vention, and Fig. 9 is a flow chart showing the encryption 
and the decryption. 

[0114] In Fig. 8, the components having the same func- 
tions and constructions as those shown in Figs. 2 and 4 
are designated by the common reference numerals, and 
their description will be omitted. 

[0115] In a client-side identification equipment 201 
shown in Fig. 8, the fingerprint data obtained by the fin- 
gerprint reader 430 (see Fig. 2) are encrypted by a cryp- 
tographic equipment 210, and the encrypted physical 
characteristic information obtained is sent by the trans- 
mission controlling part 413 to the network. 
[0116] In a server-side identification equipment 202, 
on the other hand, the encrypted physical characteristic 
information received by the transmission controlling part 
422 is decrypted by a decrypting equipment 220 so that 
the result of this decryption is subjected to the processing 
of the fingerprint identification equipment 440. 
[0117] In the cryptographic equipment 210 shown in 
Fig. 8, a bit pattern generating part 21 1 generates acyclic 
code for cyclic redundancy check (CRC) of a predeter- 
mined length according to a series of numeric data rep- 
resenting the fingerprint data inputted (at Steps 301 and 
302 in Fig. 9A), and the generated cyclic code is subject- 
ed as the numeric key to the processing of a key gener- 
ating part 212. 

[01 1 8] Here, the fingerprint dataobtained by the afore- 
mentioned fingerprint reader 430 contain not only infor- 
mation representing characteristics inherent to the per- 
son to be measured (hereunder referred to as "inherent 
characteristics") and also fluctuation elements fluctuat- 
ing with the condition of measurement. If a cyclic code 
of n-bits is generated by the aforementioned bit pattern 
generating part 21 1 according to a bit string representing 
the fluctuation elements, therefore, a bit pattern different 
for each input of fingerprintdata never fails to be obtained 
but can be utilized as a numeric key changing at each 
encryption. 

[0119] In other words, the bit pattern generating part 
21 1 thus operates to transfer the bit pattern as numeric 
key obtained to the key generating part 212 so that ran- 
dom numeric data can be generated as a cryptographic 
key by utilizing the fluctuation of the fingerprint data. 
[0120] In Fig. 8, on the other hand, a primary key stor- 
age area 213 stores a bit string of a length of n-bits as 
the primary key, and the key generating part 212 per- 
forms an exclusive OR operation between the primary 
key and the aforementioned bit pattern, for example, to 
generate a cryptographic key of n-bits (at Step 303 of 
Fig. 9A) and to subj ect the generated cryptographic key 
to the processing of a block encrypting part 214. 
[0121] When a device password is registered in ad- 
vance as information for identifying the client-side iden- 
tification equipment 201, for example, the device pass- 



word or its portion may be stored as the primary key in 
the primary key storage area 213. On the other hand, a 
user's password inputted by the person can be utilized 
as the primary key. Moreover, a bit pattern obtained by 
5 combining the device password and the user's password 
may be stored as the primary key in the primary key stor- 
age area 213. 

[0122] In general, the longer the cryptographic key is, 
the more difficult the decryption of the encrypted infor- 

10 mation becomes, so that a bit pattern of 32 bits or longer 
should be generated as the cryptographic key. 
[01 23] In particular, acyclic code of 56 bits is generated 
by the bit pattern generating part 21 1, and a bit pattern 
of the same length is stored as the primary key. If the 

15 cryptographic key of 56 bits is then generated by the key 
generating part 212, the block encryption such as the 
data encryption standard method can be applied. 
[0124] In this case, the block encrypting part 214 may 
be constructed to encrypt the fingerprint data by using 

20 the aforementioned cryptographic key in accordance 
with the data encryption standard method (at Step 304 
of Fig. 9A) and to subj ect the obtained encrypted finger- 
print data to the processings of a hash coding part 215 
and of a message combining part 21 6. This hash coding 

25 part 215 is constructed to convert the encrypted finger- 
print data, for example, into a hash address represented 
as a bit string shorter than their own length by using a 
proper hash function. 

[01 25] The hash address obtained by the hash coding 
30 part 21 5 is inputted together with the aforementioned nu- 
meric key to a logical operating part 217. This logical 
operating part 217 performs a predetermined logic oper- 
ation to convert a combination of the hash address and 
the numeric key by a one-to-one mapping function and 
35 to transfer the result of operation to the message com- 
bining part 21 6. 

[0126] Here, if a hash function having a sufficient dif- 
fusion is used in the aforementioned hash coding part 
215, this hash coding part 215 can operate in response 
40 to an input of the encrypted data on the fingerprint char- 
acteristics to obtain a digest reflecting the summary of 
the encrypted fingerprint characteristic data (at Step 305 
of Fig. 9A). 

[0127] In response to the input of the hash address 
45 and the numeric key, on the other hand, the logical op- 
eratingpart 217 calculates their exclusive OR (at Step 
306 of Fig. 9A) so that the two inputs can be converted 
into a mapping corresponding one-to-one to their com- 
bination thereby to obtain the result of logic operation 
50 reflecting both the hash address and the numeric key. 
[0128] In this case, the aforementioned hash coding 
part 215 and logical operating part 217 can perform a 
simple arithmetic and logical operation to obtain an aux- 
iliary code reflecting both a digest related closely to en- 
55 crypted fingerprint characteristic data and the numeric 
key. 

[0129] By thus generating a depending relationship 
between the auxiliary code and the encrypted fingerprint 
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characteristic data, the cryptographic key to be utilized 
in the decrypting equipment changes depending upon 
both the auxiliary code and the encrypted fingerprint 
characteristic data, as will be described later, so that the 
restoration of the cryptographic key can be made impos- 
sible in response to the alteration of a cryptogram to be 
transmitted through the network. 

[01 30] On the other hand, the message combining part 
216 shown in Fig. 8 combines the encrypted fingerprint 
characteristic data received from the block encrypting 
part 21 4 and the aforementioned auxiliary code (at Step 
307 of Fig. 9A), for example, to generate the authenti- 
catinginformation represented as a series of bit string, 
as illustrated in Fig. 10, and to send the authenticating 
information to the network by the transmission controlling 
part 41 3. 

[01 31 ] Thus, in response to the inputs of the encrypted 
fingerprint characteristic data and the auxiliary code, the 
message combining part 21 6 can operate to combine the 
encrypted fingerprint characteristic data and the auxiliary 
code and to send them to the network by the transmission 
controlling part 413. 

[0132] Next, a decrypting equipment of the first em- 
bodiment will be described in detail. 
[0133] In the decrypting equipment 220 shown in Fig. 
8, an auxiliary code separating part 222 receives the au- 
thenticating information shown in Fig. 10 from the trans- 
mission controlling part 422 (at Step 31 1 of Fig.9B), and 
separates the authenticating information into the encrypt- 
ed fingerprint characteristic data (at Step 312 of Fig. 9B) 
and the auxiliary code to send the encrypted fingerprint 
characteristic data to a block decrypting part 223 and a 
hash coding part 224 and to send the auxiliary code to a 
logical operating part 225. 

[0134] Here, the auxiliary code is the resultof exclusive 
OR operation of the hash address corresponding to the 
encrypted fingerprint characteristic data and the numeric 
key, as has been described above. 
[0135] Therefore, the hash address of the encrypted 
fingerprint characteristic data is determined by the hash 
coding part 224 by using the same hash function as that 
used in the encryption (at Step 313 of Fig. 9B), and the 
exclusive OR between the hash address and the auxiliary 
code is determined by the logical operating part 225 (at 
Step 314 of Fig. 9B), so that the numeric key used for 
generating the cryptographic key can be restored. 
[0136] In Fig. 8, on the other hand, a primary key stor- 
age area 226 stores the primary key used in the encryp- 
tion, and the primary key storage area 226 and a key 
generating part 227 can operate, in response to the result 
of operation by the logical operating part 225 as the nu- 
meric key, to reproduce the cryptographic key used in 
the encryption and to subject the reproduced crypto- 
graphic key to the processing of the block decrypting part 
223(at Steps 315 and 316 of Fig. 9B). 
[0137] Thus, the decrypting equipmentcan be realized 
to restore the original fingerprint data from the authenti- 
cating information containing the encrypted fingerprint 



characteristic data obtained by the aforementioned cryp- 
tographic equipment 210. 

[01 38] Next, here will be described a method for block- 
ing a fraudulent access by the server-side identification 

5 equipment 202 including the fingerprint identification 
equipment 440 of the aforementioned construction when 
the authenticating information is partially altered in the 
course of being transmitted in the network. 
[0139] If the encrypted fingerprint characteristic data 

10 contained in the authenticating information is partially al- 
tered (as hatched in Fig. 10), as shown in Figs. 10A and 
1 0B, the hash address obtained by the hash coding part 
224 is naturally different according to the input of the 
encrypted fingerprint characteristic data from that which 

15 is obtained by hash-coding the original encrypted finger- 
print characteristic data. 

[0140] In this case, an erroneous digest is obtained by 
the alteration of the encrypted fingerprint characteristic 
data so that the numeric key obtained by inputting the 
20 erroneous digest and the auxiliary code to the logical 
operating part is also erroneous. Naturally, the error is 
also propagated to the cryptographic key that is restored 
by the key generating part 227 according to that numeric 
key. 

25 [0141] As a result, the block decrypting part 223 de- 
crypts the altered encrypted fingerprint characteristic da- 
ta by using the erroneous cryptographic key so that the 
result of decryption can be expected to be remarkably 
different from the original fingerprint data. 

30 [0142] When the auxiliary code included in the authen- 
ticating information is altered, as shown in Fig. 10B, the 
correct hash address can be obtained by the hash coding 
part 224 in response to the input of the encrypted finger- 
print characteristic data. However, since the auxiliary 

35 code is erroneous, the result of operation by the logical 
operating part will be erroneous, making the resulting 
numeric key different from the original numeric key. 
[0143] In this case, too, the erroneous cryptographic 
key is subjected to the processing of the block decrypting 

40 part 223 as in the case where the encrypted fingerprint 
data are altered, so that the result of decryption obtained 
by the block decrypting part 223 can also be expected 
to be remarkably different from the original fingerprint 
data. 

45 [0144] From this, altering the authenticating informa- 
tion even partially results in the breaking of the depending 
relationship formed in the encryption between the en- 
crypted physical characteristic information and the aux- 
iliary code, and the influence of this alteration can be 

50 propagated to the entire result of decryption. 

[0145] Since the difference between the result of de- 
cryption obtained by using the erroneous cryptographic 
key and the original fingerprint data is serious as de- 
scribed above, it canbe reliably decided by the fingerprint 

55 identification equipment 440 that the fingerprint data ob- 
tained in response to the input of the altered authenticat- 
ing information do not belong to the eligible person. 
[0146] This is because the influence of the alteration 
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of an arbitrary portion of the authenticating information 
is exerted all over the result of decryption. It can therefore 
be expected that the information comprising to the ob- 
serving area in the fingerprint identification equipment 
440 is reliably influenced considerable amount. 
[0147] Irrespective of the extent of the observing area, 
therefore, the fingerprint data restored from the altered 
authenticating information are reliably decided as not 
provided in the eligible person by the dactyloscopy. This 
makes it possible to reliably block the access according 
to the encrypted physical characteristic information 
fraudulently acquired. 

[0148] Constructing to exclude the fingerprint data, 
which are identical to the reference data or the registered 
fingerprint data, when inputted, as the "replay attack" is 
adopted as in the fingerprint identification equipment 440 
shown in Fig. 4, it is possible to block the access utilizing 
the fraudulently acquired authenticating information as it 
is. 

[0149] In the first embodiment, the features of the in- 
herent characteristics and the fluctuation elements in- 
cluded in the physical characteristic information are in- 
dividually utilized to identify a person reliably to provide 
a remote identification system of high safety. 
[0150] Here, the cryptographic method to be adopted 
in the encrypting part 214 may be one of the common 
key system, and an affine transformation cryptography 
or a vegenere cryptography may be adopted in place of 
the aforementioned data encryption standard method. 
[01 51 ] On the other hand, the unit length of encryption 
by the encrypting part 214 can also be modified. 
[0152] In this modification, for example, the encryption 
unit has a length of 32 bits, and both the primary key and 
the numeric key are given 32 bits. The key generating 
part 212 generates a cryptographic key of 32 bits, and 
the encrypting part 21 4 determines random numbers se- 
quentially for each block by utilizing that cryptographic 
key so that the series of result of exclusive OR operation 
between each random number and the corresponding 
block may be used as the result of encryption. 
[0153] On the other hand, the digest of the encrypted 
physical characteristic information may depend upon the 
encrypted physical characteristic information as a whole. 
For example, therefore, the cryptographic equipment and 
the decrypting equipment may be constructed to include 
a decimating part for decimating bits simply from the bit 
string representing the encrypted physical characteristic 
information, to generate the digest, in place of the hash 
coding parts 21 5 and 224. Alternatively, the cryptograph- 
ic equipment and the decrypting equipment can also be 
constructed to include a cyclic code generating part for 
generating the cyclic code on the encrypted physical 
characteristic information as the digest. 
[0154] On the other hand, the client-side identification 
equipment 201 may be constructed to include an inte- 
grated circuit card writer in place of the transmission con- 
trolling part 41 3 shown in Fig. 8, and the server-side iden- 
tification equipment 202 may be constructed to include 



an integrated circuit card reader in place of the transmis- 
sion controlling part 422, so that the authenticating infor- 
mation may be sent and received by using the integrated 
circuit card. 

5 [0155] In this case, the authenticating information can 
be transferred to the server-side identification equipment 
202 by manually transporting the nameplate having the 
integrated circuit card (hereunder referred to as "IC 
card"). 

10 [01 56] On the other hand, the program to be executed 
by the computer can realize the functions of the individual 
parts constructing the decrypting equipment 220 shown 
in Fig. 8. By recording the program in the storage media 
and distributing it, the system for encrypting the physical 
15 characteristic information safely by using the crypto- 
graphic method can be provided for users of wide range. 
[0157] Likewise, the program for executing the com- 
puter can realize the functions of the individual parts con- 
structing the decrypting equipment 220 shown in Fig. 8. 
By recording the program in the storage media and dis- 
tributing it, there can be provided the system for decrypt- 
ing only the proper authenticating information encrypted 
by using the first cryptographic method, correctly to re- 
store the physical characteristic information and to sub- 
ject it to the identifying processing. 



Claims 

1. A cryptographic method comprising the steps of: 

receiving physical characteristic information 
representing a characteristic inherent to an in- 
dividual (S11); 

randomly determining a numeric key (S12); 
generating a cryptographic key from said nu- 
meric key and a predetermined primary key 
(S13); 

encrypting said physical characteristic informa- 
tion using said cryptographic key (S14); and 
generating an auxiliary code for restoring said 
cryptographic key, from said encrypted physical 
characteristic information and said numeric key 
(S15). 

2. A decryption method comprising the steps of: 

receiving encrypted physical characteristic in- 
formation and an auxiliary code (S21); 
restoring a numeric key from said received data 
(S22); 

restoring cryptographic key from said numeric 
key and a predetermined primary key (S23); and 
decrypting said encrypted physical characteris- 
tic information by using said cryptographic key 
and obtaining physical characteristic informa- 
tion (S24). 
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3. A cryptographic equipment, comprising: 

inputting means (111) for inputting physical 
characteristic information representing a char- 
acteristic inherent to an individual; 5 
numeric key generating means (112) for ran- 
domly determining numeric key; 
key generating means (113) for generating a 
cryptographic key from said numeric key and a 
predetermined primary key; 10 
encrypting means (114) for encrypting said 
physical characteristic information using said 
cryptographic key; and 

code generating means (1 1 5) for generating an 
auxiliary code from said encrypted physical is 
characteristic information and said numeric key. 

4. A decryption equipment comprising: 

receiving means (117) for receiving an encrypt- 20 
ed physical characteristic information and an 
auxiliary code; 

numeric key restoring means (1 1 8) for restoring 
a numeric key from said encrypted physical 
characteristic information and said auxiliary 25 
code; 

key generating means (113) for generating a 
cryptographic key from said numeric key and a 
predetermined primary key; and 
decrypting means (1 1 9) for decrypting said en- 30 
crypted physical characteristic information by 
using said cryptographic key. 

5. A computer-readable medium that stores instruc- 
tions which cause at least a portion of a computer 35 
system to perform: 

an inputting procedure for inputting physical 
characteristic information representing a char- 
acteristic inherent to an individual 40 
a numeric key generating procedure for random- 
ly determining a numeric key; 
a key generating procedure for generating a 
cryptographic key from said numeric key and a 
predetermined primary key; 45 
an encrypting procedure for encrypting said 
physical characteristic information using said 
cryptographic key; and 

a code generating procedure for generating an 
auxiliary code from said encrypted physical 50 
characteristic information and said numeric key. 

6. A computer-readable medium that stores instruc- 
tions which cause at least a portion of a computer 
system to perform: 55 

a receiving procedure for receiving a cryptogram 
including an encrypted physical characteristic 



information and an auxiliary code; 

a numeric key restoring procedure for restoring 

a numeric key from said encrypted physical 

characteristic information and said auxiliary 

code; 

a key generating procedure for generating a 
cryptographic key from said numeric key and a 
predetermined primary key; and 
a decrypting procedure for decrypting said en- 
crypted physical characteristic information by 
using said cryptographic key. 



Patentanspruche 

1. Kryptographisches Verfahren, mit den Schritten: 

Empfangen einer physischen charakteristi- 
schen Information, die ein einer Person anhaf- 
tendes Charakteristikum reprasentiert (S11); 
willkurliches Bestimmen eines numerischen 
Schlussels (S12); 

Erzeugen eines kryptographischen Schlussels 
aus dem numerischen Schlussel und einem vor- 
bestimmten Primarschlussel (S13); 
Verschlusseln der physischen charakteristi- 
schen Information unter Verwendung des kryp- 
tographischen Schlussels (S14); und 
Erzeugen eines Hilfscodes zum Wiederherstel- 
len des kryptographischen Schlussels aus der 
verschlusselten physischen charakteristischen 
Information und dem numerischen Schlussel 
(S15). 

2. Entschlusselungsverfahren, mit den Schritten: 

Empfangen einer verschlusselten physischen 
charakteristischen Information und eines 
Hilfscodes (S21); 

Wiederherstellen eines numerischen Schlus- 
sels aus den empfangenen Daten (S22); 
Wiederherstellen eines kryptographischen 
Schlussels aus dem numerischen Schlussel 
und einem vorbestimmten Primarschlussel 
(S23); und 

Entschlusseln der verschlusselten physischen 
charakteristischen Information durch Verwen- 
den des kryptographischen Schlussels und Er- 
halten einer physischen charakteristischen In- 
formation (S24). 

3. Kryptographisches Gerat, mit: 

Eingabemittel (111), urn eine physische charak- 
teristische Information einzugeben, die ein einer 
Person anhaftendes Charakteristikum repra- 
sentiert; 

numerische Schlussel erzeugendem Mittel 
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(1 1 2), um einen numerischen Schlussel willkur- 
lich zu bestimmen; 

Schlussel erzeugendem Mittel (113), um aus 
dem numerischen Schlussel und einem vorbe- 
stimmten Primarschlussel einen kryptographi- 5 
schen Schlussel zu erzeugen; 
Verschlusselungsmittel (1 1 4), um die physische 
charakteristische Information unter Verwen- 
dung des kryptographischen Schlussels zu ver- 
schlusseln; und 10 
Codes erzeugendem Mittel (115), um aus der 
verschlusselten physischen charakteristischen 
Information und dem numerischen Code einen 
Hilfscode zu erzeugen. 

15 

4. Entschlusselungsgerat, mit: 

Empfangsmittel (117), um eine verschlusselte 
physische charakteristische Information und ei- 
nen Hilfscode zu empfangen; 20 
numerische Schlussel wiederherstellendem 
Mittel (1 1 8), um aus der verschlusselten physi- 
schen charakteristischen Information und dem 
Hilfscode einen numerischen Schlussel wieder- 
herzustellen; 25 
Schlussel erzeugendem Mittel (113), um aus 
dem numerischen Schlussel und einem vorbe- 
summten Primarschlussel einen kryptographi- 
schen Schlussel zu erzeugen; und 
Entschlusselungsmlttel (119), um unter Ver- 30 
wendung des kryptographischen Schlussels die 
verschlusselte physische charakteristische In- 
formation zu entschlusseln. 

5. Computerlesbares Medium, das Anweisungen spei- 35 
chert, welche zumindest einen Teil eines Computer- 
systems veranlassen, auszufuhren: 

eine Eingabeprozedur, um eine physische cha- 
rakteristische Information einzugeben, die ein 40 
einer Person anhaftendes Charakteristikum re- 
prasentiert; 

eine numerische Schlussel erzeugende Proze- 
dur, um einen numerischen Schlussel willkurlich 
zu bestimmen; 45 
eine Schlussel erzeugende Prozedur, um aus 
dem numerischen Schlussel und einem vorbe- 
stimmten Primarschlussel einen kryptographi- 
schen Schlussel zu erzeugen; 
eine Verschiusseiungsprozedur, um die physi- 50 
sche charakteristische Information unter Ver- 
wendung des kryptographischen Schlussels zu 
verschlusseln; und 

eine Codes erzeugende Prozedur, um aus der 
verschlusselten physischen charakteristischen 55 
Information und dem numerischen Schlussel ei- 
nen Hilfscode zu erzeugen. 
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6. Computerlesbares Medium, das Anweisungen spei- 
chert, welche zumindest einen Teil eines Computer- 
systems veranlassen, auszufuhren: 

eine Empfangsprozedur, um ein Kryptogramm 
zu empfangen, das eine verschlusselte physi- 
sche charakteristische Information und einen 
Hilfscode enthalt; 

eine numerische Schlussel wiederherstellende 
Prozedur, um aus der verschlusselten physi- 
schen charakteristischen Information und dem 
Hilfscode einen numerischen Schlussel wieder- 
herzustellen; 

eine Schlussel erzeugende Prozedur, um aus 
dem numerischen Schlussel und einem vorbe- 
stimmten Primarschlussel einen kryptographi- 
schen Schlussel zu erzeugen; und 
eine Entschlijsselungsprozedur, um die ver- 
schlusselte physische charakteristische Infor- 
mation durch Verwenden des kryptographi- 
schen Schlussels zu entschlusseln. 



Revendications 

1. Procede cryptographique comprenant les etapes 
suivantes : 

recevoir des informations de caracteristique 
physique representantune caracteristique inhe- 
rente a un individu (S1 1 ) ; 
determiner de facon aleatoire une touche nume- 
rique (S12) ; 

generer une touche cryptographique a partir de 
ladite touche numerique et d'une touche primai- 
re predeterminee (S13) ; 
chiffrer lesdites informations de caracteristique 
physique en utilisant ladite touche cryptographi- 
que (S14) ; et 

generer un code auxiliaire pour restaurer ladite 
touche cryptographique a partir desdites infor- 
mations de caracteristique physique chiffrees et 
de ladite touche numerique (S15). 

2. Procede de dechiffrage comprenant les etapes 
suivantes : 

recevoir des informations de caracteristique 
physique chiffrees et un code auxiliaire (S21) ; 
restaurer une touche numerique a partir desdi- 
tes donnees recues (S22) ; 
restaurer une touche cryptographique a partir 
de ladite touche numerique et d'une touche pri- 
maire predeterminee (S23) ; et 
dechiffrer lesdites informations de caracteristi- 
que physique chiffrees en utilisant ladite touche 
cryptographique, et obtenirdes informations de 
caracteristique physique (S24). 
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3. Equipement cryptographique, comprenant : 

des moyens d'entree (111) pour entrer des in- 
formations de caracteristique physique repre- 
sentant une caracteristique inherente a un 5 
individu ; 

des moyens de generation de touche numerique 
(112) pour determiner de facon aleatoire une 
touche numerique ; 

des moyens de generation de touche (1 1 3) pour 10 
generer une touche cryptographique a partir de 
ladite touche numerique et d'une touche primai- 
re predeterminee ; 

des moyens de chiffrage (1 1 4) pour chiffrer les- 
dites informations de caracteristique physique 15 
en utilisant ladite touche cryptographique ; et 
des moyens de generation de code (1 15) pour 
generer un code auxiliaire a partir desdites in- 
formations de caracteristique physique chiffrees 
et de ladite touche numerique. 20 

4. Equipement de dechiffrage, comprenant : 



mations de caracteristique physique chiffrees et 
de ladite touche numerique. 

6. Support lisible par un ordinateur pour stocker des 
instructions entralnant au moins une partie d'un sys- 
teme informatique a executer : 

une procedure de reception pour recevoir des 
informations de caracteristique physique chif- 
frees et un code auxiliaire ; 
une procedure de restauration de touche nume- 
rique pour restaurer une touche numerique a 
partir desdites informations de caracteristique 
physique chiffrees et dudit code auxiliaire ; 
une procedure de generation de touche pour ge- 
nerer une touche cryptographique a partir de la- 
dite touche numerique et d'une touche primaire 
predeterminee ; et 

une procedure de dechiffrage pour dechiffrer 
lesdites informations de caracteristique physi- 
que chiffrees en utilisant ladite touche crypto- 
graphique. 



des moyens de reception (117) pour recevoir 
des informations de caracteristique physique 25 
chiffrees et un code auxiliaire ; 
des moyens de restauration de touche numeri- 
que (1 1 8) pour restaurer une touche numerique 
a partir desdites informations de caracteristique 
physique chiffrees et dudit code auxiliaire ; 30 
des moyens de generation de touche (1 1 3) pour 
generer une touche cryptographique a partir de 
ladite touche numerique et d'une touche primai- 
re predeterminee ; et 

des moyens de dechiffrage (119) pour dechiffrer 35 
lesdites informations de caracteristique physi- 
que chiffrees en utilisant ladite touche crypto- 
graphique. 

5. Support lisible par un ordinateur pour stocker des 40 
instructions entralnant au moins une partie d'un sys- 
teme informatique a executer : 



uneprocedured'entree pour entrer des informa- 
tions de caracteristique physique representant 45 
une caracteristique inherente a un individu ; 
une procedure de generation de touche nume- 
rique pour determiner de facon aleatoire une 
touche numerique ; 

une procedure degeneration de touche pour ge- so 
nerer une touche cryptographique a partir de la- 
dite touche numerique et d'une touche primaire 
predeterminee ; 

une procedure de chiffrage pour chiffrer lesdites 
informations de caracteristique physique en uti- 55 
lisant ladite touche cryptographique ; et 
une procedure de generation de code pour ge- 
nerer un code auxiliaire a partir desdites infor- 
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